diff options
-rw-r--r-- | source4/torture/rpc/lsa.c | 34 |
1 files changed, 26 insertions, 8 deletions
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c index 7599fa9a94..8d2f266f40 100644 --- a/source4/torture/rpc/lsa.c +++ b/source4/torture/rpc/lsa.c @@ -766,21 +766,39 @@ bool test_many_LookupSids(struct dcerpc_pipe *p, if (!test_LookupNames(b, tctx, handle, &names)) { return false; } - } else if (p->conn->security_state.auth_info->auth_type == DCERPC_AUTH_TYPE_SCHANNEL && - p->conn->security_state.auth_info->auth_level >= DCERPC_AUTH_LEVEL_INTEGRITY) { + } + + if (p->binding->transport == NCACN_NP) { + struct lsa_TransNameArray2 names; + + names.count = 0; + names.names = NULL; + + if (!test_LookupSids3(b, tctx, &sids, true)) { + return false; + } + if (!test_LookupNames4(b, tctx, &names, false, true)) { + return false; + } + } else if (p->binding->transport == NCACN_IP_TCP) { + struct lsa_TransNameArray2 names; - if (p->binding->transport == NCACN_IP_TCP) { - struct lsa_TransNameArray2 names; + names.count = 0; + names.names = NULL; + if (p->conn->security_state.auth_info->auth_type == DCERPC_AUTH_TYPE_SCHANNEL && + p->conn->security_state.auth_info->auth_level >= DCERPC_AUTH_LEVEL_INTEGRITY) { if (!test_LookupSids3(b, tctx, &sids, false)) { return false; } - if (!test_LookupNames4(b, tctx, &names, false, false)) { + if (!test_LookupNames4(b, tctx, &names, true, false)) { return false; } - } else if (p->binding->transport == NCACN_NP) { - struct lsa_TransNameArray2 names; - + } else { + /* + * If we don't have a secure channel these tests must + * fail with ACCESS_DENIED. + */ if (!test_LookupSids3(b, tctx, &sids, true)) { return false; } |